
#user  nobody;
worker_processes  1;

# This default error log path is compiled-in to make sure configuration parsing
# errors are logged somewhere, especially during unattended boot when stderr
# isn't normally logged anywhere. This path will be touched on every nginx
# start regardless of error log location configured here. See
# https://trac.nginx.org/nginx/ticket/147 for more info. 
#
#error_log  /var/log/nginx/error.log;
#

#pid		logs/nginx.pid;


events {
	worker_connections  1024;
}



#
stream {
	upstream backend {
		server localhost:666;
	}
	server {
		listen 1935 ssl;
		proxy_pass backend;
		ssl_certificate /usr/local/etc/letsencrypt/live/rtmp.ori-club.xyz/fullchain.pem;
		ssl_certificate_key /usr/local/etc/letsencrypt/live/rtmp.ori-club.xyz/privkey.pem;
	}
}

http {
	server {
		server_name "ori-club.xyz" default_server;
		listen 443 ssl;

		ssl_certificate	 /usr/local/etc/letsencrypt/live/ori-club.xyz/fullchain.pem;
		ssl_certificate_key /usr/local/etc/letsencrypt/live/ori-club.xyz/privkey.pem;

		ssl_protocols	   TLSv1.2;
		ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;

		ssl_stapling			 on;
		ssl_stapling_verify		 on;

		####JELLYFIN SERVER####location / { #jellyfin/plex server
		#########   	 proxy_pass http://RETRACTED.duckdns.org:25565;
		#########		# proxy_pass http://$http_host$uri$is_args$args;
		#########}

		location /live { # will host the html files of your streams 
			alias /usr/local/www/live;
		}

		location /rtmp_stream {
			add_header 'Access-Control-Allow-Origin' '*' always;
			proxy_pass http://localhost:8888/mystream/topsecretkey2/;
		}
		location /rtmp_stream2 {
			add_header 'Access-Control-Allow-Origin' '*' always;
			proxy_pass http://localhost:8888/mystream/stopsecretksecretkey/;
		}

	}


}

